Symantec has discovered spyware of a “degree of technical skill rarely seen and which has been used in espionage operations against governments, infrastructure operators, businesses, researchers and individuals”. The virus would operate “at least” since 2008 says the group.
Dubbed Regin, the computer security firm believes that “its capabilities and the level of resources behind Regin indicate that it is one of the main cyber espionage tools used by a nation. (…) The development and operation of this malware would have required a significant investment of time and resources, which indicates that a State is responsible. Its design makes it very suitable for long term and persistent surveillance operations against targets ”. The company does not however risk to designate a State in particular.
“It is very difficult to determine what he is doing”
According to Symantec, Regin has several modules that can “take screenshots, take control of the mouse and its targeting and click functions, steal passwords, monitor network traffic, or retrieve data. deleted files ”. Another major problem: “even when its presence is detected, it is very difficult to determine what it is doing”.
This would not be the first time that a virus created by a State has been detected. In 2010, Stuxnet, a virus often attributed to the United States and Israel, was discovered. Its objective: to target nuclear installations in Iran in order to slow down its nuclear enrichment program.